Difference between revisions of "BSc: Network And Cyber Security"
I.konyukhov (talk | contribs) m (I.konyukhov moved page BSc:NetworkAndCyberSecurity to BSc:NetworkAndCyberSecurity.S22) |
R.sirgalina (talk | contribs) |
||
Line 6: | Line 6: | ||
== Course characteristics == |
== Course characteristics == |
||
− | == Key concepts of the class == |
+ | === Key concepts of the class === |
* Information Security Management |
* Information Security Management |
||
Line 13: | Line 13: | ||
* Network security |
* Network security |
||
− | == What is the purpose of this course? == |
+ | === What is the purpose of this course? === |
Security breaches cost billions of dollars worth of damage to the computing industry. Today, cybercriminals control armies consisting of several millions of compromised machines. Attacks are increasingly being perpetrated towards enterprises, individuals, critical infrastructure and even governments. At the same time, our computer systems and platforms are fast evolving to meet the demands of the industry. Increasing the use of personalized devices, and our growing dependence on legacy computer systems that weren’t designed with security in mind is a challenge ahead. Therefore, the purpose of this course is to cover the design and implementation of different IT systems from a security perspective. This course introduces to the field of systems security: that is, how to analyze and develop secure systems. The course covers fundamental concepts of systems design, low and high-level vulnerabilities exploitation, design, and implementation flaws in different types of applications based on the real-world scenarios. |
Security breaches cost billions of dollars worth of damage to the computing industry. Today, cybercriminals control armies consisting of several millions of compromised machines. Attacks are increasingly being perpetrated towards enterprises, individuals, critical infrastructure and even governments. At the same time, our computer systems and platforms are fast evolving to meet the demands of the industry. Increasing the use of personalized devices, and our growing dependence on legacy computer systems that weren’t designed with security in mind is a challenge ahead. Therefore, the purpose of this course is to cover the design and implementation of different IT systems from a security perspective. This course introduces to the field of systems security: that is, how to analyze and develop secure systems. The course covers fundamental concepts of systems design, low and high-level vulnerabilities exploitation, design, and implementation flaws in different types of applications based on the real-world scenarios. |
||
− | == Course Objectives Based on Bloom’s Taxonomy == |
+ | === Course Objectives Based on Bloom’s Taxonomy === |
− | === - What should a student remember at the end of the course? === |
+ | ==== - What should a student remember at the end of the course? ==== |
By the end of the course, the students should be able to recognize and define |
By the end of the course, the students should be able to recognize and define |
||
Line 32: | Line 32: | ||
* Common weaknesses/vulnerabilities in the typical systems software |
* Common weaknesses/vulnerabilities in the typical systems software |
||
− | === - What should a student be able to understand at the end of the course? === |
+ | ==== - What should a student be able to understand at the end of the course? ==== |
By the end of the course, the students should be able to describe and explain (with examples) |
By the end of the course, the students should be able to describe and explain (with examples) |
||
Line 45: | Line 45: | ||
* Network proxies |
* Network proxies |
||
− | === - What should a student be able to perform at the end of the course? === |
+ | ==== - What should a student be able to perform at the end of the course? ==== |
* Critically audit systems and code for security flaws and threats |
* Critically audit systems and code for security flaws and threats |
||
Line 53: | Line 53: | ||
* Be able to find misconfigurations/vulnerabilities in a given network/system |
* Be able to find misconfigurations/vulnerabilities in a given network/system |
||
− | == Course evaluation == |
+ | === Course evaluation === |
{| |
{| |
||
Line 76: | Line 76: | ||
If necessary, please indicate freely your course’s features in terms of students’ performance assessment: |
If necessary, please indicate freely your course’s features in terms of students’ performance assessment: |
||
− | == Grades range == |
+ | === Grades range === |
{| |
{| |
||
Line 105: | Line 105: | ||
The laboratory assignments are mandatory with a requried minimum result of 6/10 - including re-takes and late submissions - to complete the course. As a conscequence, the grades are generally pretty high and therefore the grading ranges are scaled up. |
The laboratory assignments are mandatory with a requried minimum result of 6/10 - including re-takes and late submissions - to complete the course. As a conscequence, the grades are generally pretty high and therefore the grading ranges are scaled up. |
||
− | == Resources and reference material == |
+ | === Resources and reference material === |
* Mike Chapple, James Michael Stewart, Darril Gibson, ''CISSP Official Study Guide, 8th Edition'', Sybex, 2018 |
* Mike Chapple, James Michael Stewart, Darril Gibson, ''CISSP Official Study Guide, 8th Edition'', Sybex, 2018 |
||
Line 140: | Line 140: | ||
|} |
|} |
||
− | == Section 1 == |
+ | === Section 1 === |
− | + | ====Section title:==== Information Security Management |
|
− | + | ====Topics covered in this section:==== |
|
* Security Policies and Controls |
* Security Policies and Controls |
||
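Review bot: On the `+` line `====Section title:==== Information Security Management`, the section name follows the closing `====` on the same line, so MediaWiki does not parse the line as a heading and the equals signs render literally, as the revision text further down shows. Put the name on its own line under the heading, as the Section 3 hunk does with `Software Security`. The Section 2 and Section 4 title lines later in this diff have the same problem.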
Line 150: | Line 150: | ||
* Software Development Security Techniques |
* Software Development Security Techniques |
||
− | + | ====What forms of evaluation were used to test students’ performance in this section?==== |
|
{| |
{| |
||
Line 181: | Line 181: | ||
|} |
|} |
||
− | + | ====Typical questions for ongoing performance evaluation within this section==== |
|
* What types of Security Policies are exist? |
* What types of Security Policies are exist? |
||
Line 187: | Line 187: | ||
* Explain the difference between static and dynamic analysis of application code? |
* Explain the difference between static and dynamic analysis of application code? |
||
− | + | ====Typical questions for seminar classes (labs) within this section==== |
|
* Audit the given security policy for vulnerabilities and update it accordingly |
* Audit the given security policy for vulnerabilities and update it accordingly |
||
* Calculate security risks for a given system and develop necessary security measures for mitigation |
* Calculate security risks for a given system and develop necessary security measures for mitigation |
||
− | + | ====Test questions for final assessment in this section==== |
|
As above |
As above |
||
− | == Section 2 == |
+ | === Section 2 === |
− | + | ====Section title:==== Web Security |
|
− | + | ====Topics covered in this section:==== |
|
* Security-related web technologies |
* Security-related web technologies |
||
Line 211: | Line 211: | ||
* Server Misconfiguration |
* Server Misconfiguration |
||
− | + | ====What forms of evaluation were used to test students’ performance in this section?==== |
|
{| |
{| |
||
Line 242: | Line 242: | ||
|} |
|} |
||
− | + | ====Typical questions for ongoing performance evaluation within this section==== |
|
* What is the difference between reflected XSS and stored XSS? which one is more critical and why? |
* What is the difference between reflected XSS and stored XSS? which one is more critical and why? |
||
Line 249: | Line 249: | ||
* What is the difference between boolean-based and time-based SQL injection? |
* What is the difference between boolean-based and time-based SQL injection? |
||
− | + | ====Typical questions for seminar classes (labs) within this sectionv |
|
* Vulnerability analysis and exploitation for a given web application |
* Vulnerability analysis and exploitation for a given web application |
||
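Review bot: The added heading `====Typical questions for seminar classes (labs) within this sectionv` ends in a stray `v` where the closing `====` should be, so the line is not a valid heading and the opening equals signs show up in the rendered page. Replace the trailing `v` with `====` to match the other level-4 headings in this change.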
Line 255: | Line 255: | ||
* Does the Same Origin Policy apply to the localStorage inside the browser? |
* Does the Same Origin Policy apply to the localStorage inside the browser? |
||
− | + | ====Test questions for final assessment in this section==== |
|
As above |
As above |
||
− | == Section 3 == |
+ | === Section 3 === |
− | + | ====Section title:==== |
|
+ | Software Security |
||
− | + | ====Topics covered in this section:==== |
|
* Binary Exploitation |
* Binary Exploitation |
||
Line 269: | Line 270: | ||
* NX |
* NX |
||
− | + | ====What forms of evaluation were used to test students’ performance in this section?==== |
|
{| |
{| |
||
Line 300: | Line 301: | ||
|} |
|} |
||
− | + | ====Typical questions for ongoing performance evaluation within this section==== |
|
* What are the pros and cons of using ASLR? does it affect the performance? |
* What are the pros and cons of using ASLR? does it affect the performance? |
||
Line 307: | Line 308: | ||
* Why some binaries might have the same address for their functions? what is the security risk of this? |
* Why some binaries might have the same address for their functions? what is the security risk of this? |
||
− | + | ====Typical questions for seminar classes (labs) within this section==== |
|
* Vulnerability analysis and exploitation for a given binary while ASLR is disabled |
* Vulnerability analysis and exploitation for a given binary while ASLR is disabled |
||
Line 315: | Line 316: | ||
* Some binaries are shipped with debugging symbols, How can this help you in debugging? |
* Some binaries are shipped with debugging symbols, How can this help you in debugging? |
||
− | + | ====Test questions for final assessment in this section==== |
|
As above |
As above |
||
− | == Section 4 == |
+ | === Section 4 === |
− | + | ====Section title:==== Network Security |
|
− | + | ====Topics covered in this section:==== |
|
* Networking tools |
* Networking tools |
||
Line 329: | Line 330: | ||
* IDS/IPS |
* IDS/IPS |
||
− | + | ====What forms of evaluation were used to test students’ performance in this section?==== |
|
{| |
{| |
||
Line 360: | Line 361: | ||
|} |
|} |
||
− | + | ====Typical questions for ongoing performance evaluation within this section==== |
|
* What is the difference between VPN and sock5? |
* What is the difference between VPN and sock5? |
||
Line 368: | Line 369: | ||
* When using a proxy for HTTPS, your browser will always complain about the certificate, how can you solve this issue? |
* When using a proxy for HTTPS, your browser will always complain about the certificate, how can you solve this issue? |
||
− | + | ====Typical questions for seminar classes (labs) within this section==== |
|
* No lab for this section |
* No lab for this section |
||
− | + | ====Test questions for final assessment in this section==== |
|
As above |
As above |
Revision as of 14:36, 9 February 2022
Network and CyberSecurity
- Course name: Network and Cyber Security
- Course number: ?
Course characteristics
Key concepts of the class
- Information Security Management
- Web Security
- Software Security
- Network security
What is the purpose of this course?
Security breaches cost the computing industry billions of dollars in damage. Today, cybercriminals control armies of several million compromised machines. Attacks are increasingly perpetrated against enterprises, individuals, critical infrastructure and even governments. At the same time, our computer systems and platforms are evolving fast to meet the demands of the industry. The increasing use of personalized devices and our growing dependence on legacy computer systems that weren’t designed with security in mind pose a challenge ahead. Therefore, the purpose of this course is to cover the design and implementation of different IT systems from a security perspective. This course introduces the field of systems security: that is, how to analyze and develop secure systems. The course covers fundamental concepts of systems design, exploitation of low- and high-level vulnerabilities, and design and implementation flaws in different types of applications, based on real-world scenarios.
Course Objectives Based on Bloom’s Taxonomy
- What should a student remember at the end of the course?
By the end of the course, the students should be able to recognize and define
- Security policies and controls
- Risks and threats related to the system design and its implementation
- Software security testing methodologies
- Software development security techniques
- Injection and authorization flaws
- Cookies and misconfiguration flaws
- Common weaknesses/vulnerabilities in web applications
- Common weaknesses/vulnerabilities in the typical systems software
- What should a student be able to understand at the end of the course?
By the end of the course, the students should be able to describe and explain (with examples)
- Information security management methods
- Difference between different types of risks and threats
- Security-related web technologies
- The differences between web application flaws
- ASLR, NX and how these techniques can help protect against a malicious attacker
- Covert channels
- Networking tools
- Network proxies
- What should a student be able to perform at the end of the course?
- Critically audit systems and code for security flaws and threats
- Design and implement exploits for real security vulnerabilities
- Develop secure systems and applications
- Be able to design defense solutions and outline their limitations
- Be able to find misconfigurations/vulnerabilities in a given network/system
Course evaluation
Type | Default points | Proposed points |
---|---|---|
Labs/seminar classes | 20 | 30 |
Project | 30 | 30 |
Exams | 50 | 40 |
If necessary, please indicate freely your course’s features in terms of students’ performance assessment:
Grades range
Grade | Default range | Proposed range |
---|---|---|
A. Excellent | 90-100 | 90-100 |
B. Good | 75-89 | 70-89 |
C. Satisfactory | 60-74 | 60-69 |
D. Poor | 0-59 | 0-59 |
If necessary, please indicate freely your course’s grading features:
The laboratory assignments are mandatory, with a required minimum result of 6/10 (including re-takes and late submissions) to complete the course. As a consequence, the grades are generally pretty high and therefore the grading ranges are scaled up.
Resources and reference material
- Mike Chapple, James Michael Stewart, Darril Gibson, CISSP Official Study Guide, 8th Edition, Sybex, 2018
- Michal Zalewski, The Tangled Web, No Starch Press, 2011
- Jon Erickson, Hacking: The Art of Exploitation, 2nd Edition, No Starch Press, 2008
Course Sections
Section | Section Title | Teaching Hours |
---|---|---|
1 | Information security management | 6 |
2 | Web security | 6 |
3 | Software Security | 8 |
4 | Network Security | 4 |
5 | Labs | 56 |
Section 1
Section title:
Information Security Management
Topics covered in this section:
- Security Policies and Controls
- Risks Analysis and Threats Modeling
- Software Development Security Techniques
What forms of evaluation were used to test students’ performance in this section?
Form | Yes/No |
---|---|
Development of individual parts of software product code | 0 |
Homework and group projects | 1 |
Midterm evaluation | 0 |
Testing (written or computer based) | 1 |
Reports | 1 |
Essays | 0 |
Oral polls | 0 |
Discussions | 1 |
Typical questions for ongoing performance evaluation within this section
- What types of security policies exist?
- What information about a given system do you need to take into account to calculate security risks?
- Explain the difference between static and dynamic analysis of application code.
Typical questions for seminar classes (labs) within this section
- Audit the given security policy for vulnerabilities and update it accordingly
- Calculate security risks for a given system and develop necessary security measures for mitigation
Test questions for final assessment in this section
As above
Section 2
Section title:
Web Security
Topics covered in this section:
- Security-related web technologies
- Same Origin Policy
- Web Attacker Model
- OWASP methodology
- Injection Flaws
- Authorization Flaws
- Cookies Flaws
- Server Misconfiguration
What forms of evaluation were used to test students’ performance in this section?
Form | Yes/No |
---|---|
Development of individual parts of software product code | 1 |
Homework and group projects | 1 |
Midterm evaluation | 1 |
Testing (written or computer based) | 1 |
Reports | 1 |
Essays | 0 |
Oral polls | 0 |
Discussions | 1 |
Typical questions for ongoing performance evaluation within this section
- What is the difference between reflected XSS and stored XSS? Which one is more critical and why?
- What are the pros and cons of using regex to protect against XSS?
- What is the Same Origin Policy, and which attack does it mitigate?
- What is the difference between boolean-based and time-based SQL injection?
Typical questions for seminar classes (labs) within this section
- Vulnerability analysis and exploitation for a given web application
- Write and deploy WAF rules to mitigate a specific web attack
- Does the Same Origin Policy apply to the localStorage inside the browser?
Test questions for final assessment in this section
As above
Section 3
Section title:
Software Security
Topics covered in this section:
- Binary Exploitation
- ASLR
- NX
What forms of evaluation were used to test students’ performance in this section?
Form | Yes/No |
---|---|
Development of individual parts of software product code | 0 |
Homework and group projects | 1 |
Midterm evaluation | 0 |
Testing (written or computer based) | 1 |
Reports | 1 |
Essays | 0 |
Oral polls | 0 |
Discussions | 1 |
Typical questions for ongoing performance evaluation within this section
- What are the pros and cons of using ASLR? Does it affect performance?
- What can you do with a format string vulnerability?
- What is the required information to be able to identify a remote libc version?
- Why might some binaries have the same address for their functions? What is the security risk of this?
Typical questions for seminar classes (labs) within this section
- Vulnerability analysis and exploitation for a given binary while ASLR is disabled
- Try to rewrite the following Assembly code in any programming language
- How can you check if you have ASLR, PIE, NX enabled or not?
- Decompilers are not always accurate. Why? How can you improve their output?
- Some binaries are shipped with debugging symbols. How can this help you in debugging?
Test questions for final assessment in this section
As above
Section 4
Section title:
Network Security
Topics covered in this section:
- Networking tools
- Network attacks
- IDS/IPS
What forms of evaluation were used to test students’ performance in this section?
Form | Yes/No |
---|---|
Development of individual parts of software product code | 0 |
Homework and group projects | 1 |
Midterm evaluation | 0 |
Testing (written or computer based) | 1 |
Reports | 1 |
Essays | 0 |
Oral polls | 0 |
Discussions | 1 |
Typical questions for ongoing performance evaluation within this section
- What is the difference between a VPN and SOCKS5?
- What are IDS, IPS, and DPI?
- Why does Nmap produce false positives when scanning a Windows host? Can you improve the scanning technique?
- What is a covert channel? What are the most common protocols used for covert channels? Why?
- When using a proxy for HTTPS, your browser will always complain about the certificate. How can you solve this issue?
Typical questions for seminar classes (labs) within this section
- No lab for this section
Test questions for final assessment in this section
As above